NTISthis.com

Evidence Guide: ICTNWK502 - Implement secure encryption technologies

Student: __________________________________________________

Signature: _________________________________________________

Tips for gathering evidence to demonstrate your skills

The important thing to remember when gathering evidence is that the more evidence the better - that is, the more evidence you gather to demonstrate your skills, the more confident an assessor can be that you have learned the skills not just at one point in time, but are continuing to apply and develop those skills (as opposed to just learning for the test!). Furthermore, one piece of evidence that you collect will not usualy demonstrate all the required criteria for a unit of competency, whereas multiple overlapping pieces of evidence will usually do the trick!

From the Wiki University

 

ICTNWK502 - Implement secure encryption technologies

What evidence can you provide to prove your understanding of each of the following citeria?

Determine encryption methods

  1. Analyse enterprise data security requirements
  2. Create a new or review an existing security plan to determine appropriate encryption methods
  3. Review a range of encryption technologies and rank the most appropriate options
  4. Assess the costs associated with each encryption option
  5. Document encryption options and costs, and forward to appropriate person for decision
Analyse enterprise data security requirements

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Create a new or review an existing security plan to determine appropriate encryption methods

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Review a range of encryption technologies and rank the most appropriate options

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Assess the costs associated with each encryption option

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Document encryption options and costs, and forward to appropriate person for decision

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Implement encryption

  1. Apply encryption technologies to the enterprise system
  2. Analyse effect of encryption technologies on user roles and responsibilities
  3. Inform user of new encryption technologies and the effect it has on their responsibilities
Apply encryption technologies to the enterprise system

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Analyse effect of encryption technologies on user roles and responsibilities

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Inform user of new encryption technologies and the effect it has on their responsibilities

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Monitor encryption

  1. Analyse implementation of the encryption technologies, confirming function and performance
  2. Review help desk records for problems concerning implementation and take appropriate action
  3. Review system logs for encryption issues and compromises
  4. Document encryption issues and compromises, and notify appropriate person
Analyse implementation of the encryption technologies, confirming function and performance

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Review help desk records for problems concerning implementation and take appropriate action

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Review system logs for encryption issues and compromises

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Document encryption issues and compromises, and notify appropriate person

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Assessed

Teacher: ___________________________________ Date: _________

Signature: ________________________________________________

Comments:

 

 

 

 

 

 

 

 

Instructions to Assessors

Evidence Guide

ELEMENT

PERFORMANCE CRITERIA

Elements describe the essential outcomes.

Performance criteria describe the performance needed to demonstrate achievement of the element.

1. Determine encryption methods

1.1 Analyse enterprise data security requirements

1.2 Create a new or review an existing security plan to determine appropriate encryption methods

1.3 Review a range of encryption technologies and rank the most appropriate options

1.4 Assess the costs associated with each encryption option

1.5 Document encryption options and costs, and forward to appropriate person for decision

2. Implement encryption

2.1 Apply encryption technologies to the enterprise system

2.2 Analyse effect of encryption technologies on user roles and responsibilities

2.3 Inform user of new encryption technologies and the effect it has on their responsibilities

3. Monitor encryption

3.1 Analyse implementation of the encryption technologies, confirming function and performance

3.2 Review help desk records for problems concerning implementation and take appropriate action

3.3 Review system logs for encryption issues and compromises

3.4 Document encryption issues and compromises, and notify appropriate person

Required Skills and Knowledge

ELEMENT

PERFORMANCE CRITERIA

Elements describe the essential outcomes.

Performance criteria describe the performance needed to demonstrate achievement of the element.

1. Determine encryption methods

1.1 Analyse enterprise data security requirements

1.2 Create a new or review an existing security plan to determine appropriate encryption methods

1.3 Review a range of encryption technologies and rank the most appropriate options

1.4 Assess the costs associated with each encryption option

1.5 Document encryption options and costs, and forward to appropriate person for decision

2. Implement encryption

2.1 Apply encryption technologies to the enterprise system

2.2 Analyse effect of encryption technologies on user roles and responsibilities

2.3 Inform user of new encryption technologies and the effect it has on their responsibilities

3. Monitor encryption

3.1 Analyse implementation of the encryption technologies, confirming function and performance

3.2 Review help desk records for problems concerning implementation and take appropriate action

3.3 Review system logs for encryption issues and compromises

3.4 Document encryption issues and compromises, and notify appropriate person

Evidence of the ability to:

analyse enterprise data security requirements

create or review existing security plan to determine the appropriate encryption methods

rank and document appropriate encryption methods

implement encryption systems and inform users of any impacts

monitor and document encryption issues and compromises, and notify appropriate person.

Note: If a specific volume or frequency is not stated, then evidence must be provided at least once.

To complete the unit requirements safely and effectively, the individual must:

explain certificate related infrastructure (certificate authorities, registration authorities, repository services)

summarise common asymmetric key algorithms and their usage

explain common symmetric key algorithms and their usage, such as:

advanced encryption standard (AES)

data encryption standard (DES)

triple data encryption algorithm (triple DES)

Blowfish

explain encryption strength

summarise various encryption types, including public key, secret key, hash key

summarise the functions and features of:

access control permissions

digital signatures

symmetric encryption, asymmetric encryption and one-way encryption

timestamps

explain one-way message digests, such as message digest algorithm 5 (MD5) and secure hash algorithm (SHA)

explain public key infrastructure (PKI), pretty good privacy (PGP) and GNU Privacy Guard (GnuPG)

outline replay security

outline possible sources of security threats, including eavesdropping, data interception, data corruption, data falsification and authentication issues

explain transmission control protocol or internet protocol (TCP/IP) protocols and applications

summarise security problems and challenges that arise from organisational issues

outline wired equivalent privacy (WEP), Wi-Fi protected access (WPA) and Wi-Fi protected access 2 (WPA2).